Application Security

A software application is secured through authentication and authorization.

  • Authentication means “identifying who the user is”: verifying that the user really is who they claim to be, for example by checking a password.
  • Authorization means “allowing what the user has access to”: deciding what an authenticated user may see or do. An authorization decision is only meaningful once authentication has succeeded.

Legacy applications maintained their own list of users in the application database.

  • The application has a registration page where users can register themselves and obtain credentials. Alternatively, an administrator sets up the credentials for the user.
  • The application also has a login page where the user enters a user ID and password.
  • The application validates the credentials and, if they are correct, grants the user access. The password itself should never be stored: the application stores a salted hash of it and compares the hash of the submitted password against the stored value.
  • The application maintains the user's login session in its own state, typically a server-side session record referenced by an unguessable token handed to the client.
  • The user also has a logout option; clicking it makes the application clear the user's login state on the server, not just the client-side cookie.
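The five steps above, as an added example that is not code from the original page or from any particular application: a minimal Python module that keeps the user list in its own (in-memory, constructed) store, hashes passwords with a per-user salt, validates logins in constant time regardless of whether the user ID exists, keeps server-side session state, and clears it on logout or expiry. The store names, iteration count and session lifetime are assumptions chosen for the example.

```python
import hashlib
import hmac
import secrets
import time
from typing import Dict, Optional

# Constructed in-memory stores standing in for the application's database and its
# server-side session state (hypothetical names, not from any real application).
USERS: Dict[str, dict] = {}       # user_id -> {"salt": bytes, "hash": bytes}
SESSIONS: Dict[str, dict] = {}    # session token -> {"user_id": str, "expires": float}

PBKDF2_ITERATIONS = 600_000       # work factor; tune so one derivation takes ~100 ms
SESSION_TTL_SECONDS = 30 * 60     # session lifetime before the user must log in again
_DUMMY_SALT = b"\x00" * 16
_DUMMY_HASH = b"\x00" * 32        # same length as a PBKDF2-HMAC-SHA256 output


def _derive(password: str, salt: bytes) -> bytes:
    """Slow, salted password hash. Only this value is stored, never the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)


def register(user_id: str, password: str) -> bool:
    """Registration page (or admin setup): record a fresh random salt and the derived hash."""
    if user_id in USERS or len(password) < 12:
        return False
    salt = secrets.token_bytes(16)
    USERS[user_id] = {"salt": salt, "hash": _derive(password, salt)}
    return True


def login(user_id: str, password: str) -> Optional[str]:
    """Login page: validate the credentials, then create a session and return its token."""
    record = USERS.get(user_id)
    # Always run the derivation and the comparison, even for unknown users, so the
    # response time does not reveal which user IDs exist.
    salt = record["salt"] if record else _DUMMY_SALT
    expected = record["hash"] if record else _DUMMY_HASH
    matches = hmac.compare_digest(_derive(password, salt), expected)
    if record is None or not matches:
        return None
    token = secrets.token_urlsafe(32)  # 256-bit random session identifier
    SESSIONS[token] = {"user_id": user_id, "expires": time.time() + SESSION_TTL_SECONDS}
    return token


def current_user(token: Optional[str]) -> Optional[str]:
    """Per-request check of the login state: a valid, unexpired session yields the user ID."""
    session = SESSIONS.get(token) if token else None
    if session is None:
        return None
    if session["expires"] <= time.time():
        SESSIONS.pop(token, None)        # expired: discard it as if the user had logged out
        return None
    return session["user_id"]


def logout(token: str) -> bool:
    """Logout: clear the server-side login state so the token is useless afterwards."""
    return SESSIONS.pop(token, None) is not None
```

The session token is the only thing the client holds; because the record lives on the server, logout and expiry genuinely end the session rather than relying on the browser to forget a cookie.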

When organizations had multiple applications for users to access, maintaining a separate set of user credentials for every application became redundant. From the user's perspective it is also inconvenient to maintain credentials for every application. Hence the industry moved towards a Single Sign-On (SSO) mechanism.

Whether for desktop or web applications, the industry started to move away from maintaining a user list in the application database. Directory services such as Active Directory, reached over protocols such as LDAP (and Kerberos for Windows domain logons), allowed users to authenticate to applications with their desktop login credentials, so the application no longer stores passwords of its own.

With the advent of the cloud, third-party identity providers started to maintain the user store: they sync with Active Directory, maintain the list of users, applications and authorizations, and enable Single Sign-On with the application, typically over standard federation protocols such as SAML and OpenID Connect. Examples include OneLogin, Okta and Ping Identity.
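The trust relationship behind Single Sign-On from the two paragraphs above, as an added example that is not code from the original page or from any of the named identity providers: the identity provider (IdP) authenticates the user against its own store and issues a signed, short-lived assertion addressed to one application; the application verifies the signature, issuer, audience and validity window, rejects replays, and starts a local session without holding any passwords. The HMAC shared key, the issuer and audience URLs, and the claim names are assumptions made so the example runs with the standard library; real SAML and OpenID Connect deployments sign with the IdP's asymmetric key and carry the same checks in their own message formats.

```python
import base64
import hashlib
import hmac
import json
import secrets
from typing import Optional

# Hypothetical key shared out of band between the identity provider (IdP) and this
# application (the service provider). Real SAML/OIDC deployments use the IdP's
# asymmetric signing key and its published certificate; HMAC keeps this example
# within the standard library.
IDP_SIGNING_KEY = secrets.token_bytes(32)
IDP_ISSUER = "https://idp.example.test"     # constructed identifier
THIS_APP = "https://payroll.example.test"   # constructed identifier for this application
ASSERTION_TTL_SECONDS = 300
CLOCK_SKEW_SECONDS = 60

SESSIONS: dict = {}       # session token -> user id; the app keeps no passwords at all
SEEN_ASSERTION_IDS: set = set()


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def idp_issue_assertion(user_id: str, audience: str, now: float) -> str:
    """IdP side: after authenticating the user (assumed already done against the IdP's
    user store), issue a short-lived signed assertion bound to one target application."""
    claims = {
        "iss": IDP_ISSUER, "sub": user_id, "aud": audience,
        "iat": now, "exp": now + ASSERTION_TTL_SECONDS,
        "jti": secrets.token_hex(8),          # unique id so the app can reject replays
    }
    body = _b64(json.dumps(claims, separators=(",", ":")).encode("utf-8"))
    signature = hmac.new(IDP_SIGNING_KEY, body.encode("ascii"), hashlib.sha256).digest()
    return f"{body}.{_b64(signature)}"


def app_consume_assertion(assertion: str, now: float) -> Optional[str]:
    """Application side: check signature, issuer, audience, validity window and one-time
    use, then start a local session. Returns the session token, or None on any failure."""
    try:
        body, signature = assertion.split(".")
        expected = hmac.new(IDP_SIGNING_KEY, body.encode("ascii"), hashlib.sha256).digest()
        if not hmac.compare_digest(_unb64(signature), expected):
            return None                       # forged or tampered assertion
        claims = json.loads(_unb64(body))
        if claims["iss"] != IDP_ISSUER or claims["aud"] != THIS_APP:
            return None                       # issued by someone else, or for another app
        if not (claims["iat"] - CLOCK_SKEW_SECONDS <= now < claims["exp"]):
            return None                       # not yet valid, or expired
        if claims["jti"] in SEEN_ASSERTION_IDS:
            return None                       # replay of a captured assertion
        SEEN_ASSERTION_IDS.add(claims["jti"])
    except (ValueError, KeyError, TypeError, UnicodeError):
        return None                           # malformed input of any kind
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = claims["sub"]
    return token
```

The audience check is the one most often forgotten: without it, an assertion the IdP issued for one application can be presented to another application that trusts the same IdP.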